wip

Author: zhenfeizhang

src/lib.rs

@@ -9,6 +9,9 @@ pub use config::*;
 pub mod hash;
 pub use hash::*;
 
+pub mod poly;
+pub use poly::*;
+
 pub mod poly_commit;
 pub use poly_commit::*;
 

src/poly_commit/poly.rs renamed to src/poly.rs

@@ -1,7 +1,99 @@
 pub mod raw;
-pub use self::raw::*;
+pub use raw::*;
 
-pub mod poly;
-pub use self::poly::*;
+pub mod basefold;
+pub use basefold::*;
 
-pub trait PolynomialCommitment {}
+use std::{borrow::Borrow, fmt::Debug};
+
+use arith::Field;
+use rand::RngCore;
+
+/// This trait defines APIs for polynomial commitment schemes.
+/// Note that for our usage of PCS, we do not require the hiding property.
+///
+/// Credit: https://github.com/EspressoSystems/hyperplonk/blob/8698369edfe82bd6617a9609602380f21cabd1da/subroutines/src/pcs/mod.rs#L24
+pub trait PolynomialCommitmentScheme {
+    /// Prover parameters
+    type ProverParam: Clone + Sync;
+    /// Verifier parameters
+    type VerifierParam: Clone;
+    /// Structured reference string
+    type SRS: Clone + Debug;
+    /// Polynomial and its associated types
+    type Polynomial: Clone + Debug;
+    /// Polynomial input domain
+    type Point: Clone + Debug + Sync + PartialEq + Eq;
+    /// Polynomial Evaluation
+    type Evaluation: Field;
+    /// Commitments
+    type Commitment: Clone + Debug;
+    /// Proofs
+    type Proof: Clone + Debug;
+    /// Batch proofs
+    type BatchProof;
+
+    /// Build SRS for testing.
+    ///
+    ///
+    /// WARNING: THIS FUNCTION IS FOR TESTING PURPOSE ONLY.
+    /// THE OUTPUT SRS SHOULD NOT BE USED IN PRODUCTION.
+    fn gen_srs_for_testing(rng: impl RngCore, supported_n: usize, supported_m: usize) -> Self::SRS;
+
+    /// Generate a commitment for a polynomial
+    /// ## Note on function signature
+    /// Usually, data structure like SRS and ProverParam are huge and users
+    /// might wish to keep them in heap using different kinds of smart pointers
+    /// (instead of only in stack) therefore our `impl Borrow<_>` interface
+    /// allows for passing in any pointer type, e.g.: `commit(prover_param:
+    /// &Self::ProverParam, ..)` or `commit(prover_param:
+    /// Box<Self::ProverParam>, ..)` or `commit(prover_param:
+    /// Arc<Self::ProverParam>, ..)` etc.
+    fn commit(
+        prover_param: impl Borrow<Self::ProverParam>,
+        poly: &Self::Polynomial,
+    ) -> Self::Commitment;
+
+    /// On input a polynomial `p` and a point `point`, outputs a proof for the
+    /// same.
+    fn open(
+        prover_param: impl Borrow<Self::ProverParam>,
+        polynomial: &Self::Polynomial,
+        point: &Self::Point,
+    ) -> (Self::Proof, Self::Evaluation);
+
+    /// Input a list of polynomials, and a same number of points, compute a multi-opening for all the polynomials.
+    fn multi_open(
+        _prover_param: impl Borrow<Self::ProverParam>,
+        _polynomials: &[Self::Polynomial],
+        _points: &[Self::Point],
+        _evals: &[Self::Evaluation],
+    ) -> Self::BatchProof {
+        // the reason we use unimplemented!() is to enable developers to implement the
+        // trait without always implementing the batching APIs.
+        unimplemented!()
+    }
+
+    /// Verifies that `value` is the evaluation at `x` of the polynomial
+    /// committed inside `comm`.
+    fn verify(
+        verifier_param: &Self::VerifierParam,
+        commitment: &Self::Commitment,
+        point: &Self::Point,
+        value: &Self::Evaluation,
+        proof: &Self::Proof,
+    ) -> bool;
+
+    /// Verifies that `value_i` is the evaluation at `x_i` of the polynomial
+    /// `poly_i` committed inside `comm`.
+    fn batch_verify(
+        _verifier_param: &Self::VerifierParam,
+        _commitments: &[Self::Commitment],
+        _points: &[Self::Point],
+        _batch_proof: &Self::BatchProof,
+    ) -> bool {
+        // the reason we use unimplemented!() is to enable developers to implement the
+        // trait without always implementing the batching APIs.
+        unimplemented!()
+    }
+}

src/poly_commit.rs

@@ -0,0 +1,86 @@
+mod config;
+
+use std::borrow::Borrow;
+
+use arith::Field;
+use config::BasefoldConfig;
+use rand::RngCore;
+
+use super::PolynomialCommitmentScheme;
+
+#[derive(Clone, Debug)]
+pub struct BaseFold<C> {
+    phantom: std::marker::PhantomData<C>,
+}
+
+impl<C: BasefoldConfig> PolynomialCommitmentScheme for BaseFold<C> {
+    /// Prover parameters
+    type ProverParam = ();
+    /// Verifier parameters
+    type VerifierParam = ();
+    /// Structured reference string
+    type SRS = ();
+    /// Polynomial and its associated types
+    type Polynomial = ();
+    /// Polynomial input domain
+    type Point = Vec<C::BaseField>;
+    /// Polynomial Evaluation
+    type Evaluation = C::BaseField;
+    /// Commitments
+    type Commitment = ();
+    /// Proofs
+    type Proof = ();
+    /// Batch proofs
+    type BatchProof = ();
+
+    /// Build SRS for testing.
+    ///
+    ///
+    /// WARNING: THIS FUNCTION IS FOR TESTING PURPOSE ONLY.
+    /// THE OUTPUT SRS SHOULD NOT BE USED IN PRODUCTION.
+    fn gen_srs_for_testing(
+        _rng: impl RngCore,
+        _supported_n: usize,
+        _supported_m: usize,
+    ) -> Self::SRS {
+        unimplemented!("basefold does not need an SRS")
+    }
+
+    /// Generate a commitment for a polynomial
+    /// ## Note on function signature
+    /// Usually, data structure like SRS and ProverParam are huge and users
+    /// might wish to keep them in heap using different kinds of smart pointers
+    /// (instead of only in stack) therefore our `impl Borrow<_>` interface
+    /// allows for passing in any pointer type, e.g.: `commit(prover_param:
+    /// &Self::ProverParam, ..)` or `commit(prover_param:
+    /// Box<Self::ProverParam>, ..)` or `commit(prover_param:
+    /// Arc<Self::ProverParam>, ..)` etc.
+    fn commit(
+        prover_param: impl Borrow<Self::ProverParam>,
+        poly: &Self::Polynomial,
+    ) -> Self::Commitment {
+        unimplemented!()
+    }
+
+    /// On input a polynomial `p` and a point `point`, outputs a proof for the
+    /// same.
+    fn open(
+        prover_param: impl Borrow<Self::ProverParam>,
+        polynomial: &Self::Polynomial,
+        point: &Self::Point,
+    ) -> (Self::Proof, Self::Evaluation) {
+        unimplemented!()
+    }
+
+    /// Verifies that `value` is the evaluation at `x` of the polynomial
+    /// committed inside `comm`.
+    fn verify(
+        verifier_param: &Self::VerifierParam,
+        commitment: &Self::Commitment,
+        point: &Self::Point,
+        value: &Self::Evaluation,
+        proof: &Self::Proof,
+    ) -> bool {
+        unimplemented!()
+    }
+}

src/poly_commit/basefold.rs

@@ -0,0 +1,32 @@
+use std::marker::PhantomData;
+
+use arith::{BabyBear, BabyBearExt3, ExtensionField, Field};
+
+pub trait BasefoldConfig {
+    type BaseField: Field + Eq + Sync;
+    type ExtField: ExtensionField<BaseField = Self::BaseField>;
+
+    const RATE_BITS: usize;
+
+    const VERIFIER_QUERIES: usize;
+
+    #[inline]
+    fn codeword_bits(&self, num_vars: usize) -> usize {
+        Self::RATE_BITS + num_vars
+    }
+}
+
+#[derive(Clone, Debug)]
+pub struct BabybearConfig;
+
+
+impl BasefoldConfig for BabybearConfig {
+
+    type BaseField = BabyBear;
+
+    type ExtField = BabyBearExt3;
+
+    const RATE_BITS: usize = 128;
+
+    const VERIFIER_QUERIES: usize = 33;
+}